Be unstoppable with us!
T-Mobile is synonymous with innovation-and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop!
Come work with the Cyber Security Operations Center (CSOC) team!!!
Responsibilities
The role of a Security Engineer is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures, specifically:
Monitor incoming event queues for potential security incidents per operational procedures
Perform triage, analysis, and response of security alerts to determine and initiate appropriate courses of action, with escalation as defined by established procedures
Collect and organize alert, event and triage data to produce reports to provide feedback to existing content, inform new content, and measure relevant KPIs
Provide support for and collaboration with higher-tier support teams to investigate escalated incidents
Assist in the development of new security operations processes as well as the refinement or improvement of existing processes
Monitor CSOC ticket (or email) queue for potential event reporting from outside entities and individual users
Maintain CSOC shift logs with relevant activity from current shift.
Document investigation case notes, ensuring relevant details are passed to CIRT for escalated incident analysis
Update or reference CSOC knowledge management repository as necessary for changes to CSOC processes and procedures and ingest CSOC daily intelligence reports and previous shift pass downs
Conduct security research and intelligence gathering on emerging threats and exploits
Qualifications Minimum Required
2-4 years of experience working in a large enterprise
2-4 years of experience as a SOC or Incident Response investigator or equivalent work experience
Conversant with cyber security intrusion analysis concepts and techniques
Understanding of security incident investigation and log analysis
Experience investigating security incidents, threats and vulnerabilities
Demonstrable knowledge of networking (TCP/IP, topology, OSI model and network forensics), operating systems (Windows/MacOS/Linux), and web technologies (web applications, database security, web servers)
Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI
Knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
High degree of attention to detail
Presentation skills to large and small audiences
Strong verbal and written communication skills
Desired
Experience supporting Cyber Security Operations in a large enterprise environment
Experience with SIEM & Log Management solutions
Experience with cloud security, telecom security, data protection
Experience with enterprise systems or network administration
CCNA Security, GCIA, GCIH or other related security certifications
Minimum Required Education
Degree in Computer Science, Information Technology, or equivalent work experience
In lieu of a degree, 6+ years of related experience may be considered
Course work in Cyber Security is strongly preferred
General/Physical Requirements
Must sit for extended periods of time. Extensive computer and telephone utilization.
Shift work in a 24O7 Cyber Security Operations Center
Participation in on-call rotation may be required
* At least 18 years of age
* Legally authorized to work in the United States
At T-Mobile, employees in regular, non-te